问题
I'm writing a custom role provider and I need programmatic access the authorization information stored in the web.config. Certain section of the site are only accessible by certain roles. I would like to find out which roles can access a page and/or which page a certain role can access.
I can't seem to figure this one out.
回答1:
You can access any information stored such as ConnectionStrings,AppSettings and other defined values in web.config by WebConfigurationManager class in System.Web.Security namespace.
Let's say you have defined and authorization section as:
<system.web>
<authorization>
<allow roles="admin,moderator" />
<deny users="?" />
</authorization></system.web>
The section you just created means users who has admin and/or moderator roles can access pages within and deny everyone (anonymous) who attempts to access without login information.
In order to that just call out WebConfigurationManager's GetSection method as
AuthorizationSection auth = WebConfigurationManager.GetSection("system.web/authorization") as AuthorizationSection;
AuthorizationSection class will give you
Rules collection which is precisely what you're looking for.
来源:https://stackoverflow.com/questions/1240552/accessing-authorization-information-in-web-config